CoCalc -- GetServerSchedulesTest.php

GitHub Repository: pterodactyl/panel
Path: blob/1.0-develop/tests/Integration/Api/Client/Server/Schedule/GetServerSchedulesTest.php
⁷⁴⁶¹ views
1
<?php
2

3
namespace Pterodactyl\Tests\Integration\Api\Client\Server\Schedule;
4

5
use Pterodactyl\Models\Task;
6
use Pterodactyl\Models\Schedule;
7
use Pterodactyl\Models\Permission;
8
use Pterodactyl\Tests\Integration\Api\Client\ClientApiIntegrationTestCase;
9

10
class GetServerSchedulesTest extends ClientApiIntegrationTestCase
11
{
12
    /**
13
     * Cleanup after tests run.
14
     */
15
    protected function tearDown(): void
16
    {
17
        Task::query()->forceDelete();
18
        Schedule::query()->forceDelete();
19

20
        parent::tearDown();
21
    }
22

23
    /**
24
     * Test that schedules for a server are returned.
25
     */
26
    #[\PHPUnit\Framework\Attributes\DataProvider('permissionsDataProvider')]
27
    public function testServerSchedulesAreReturned(array $permissions, bool $individual)
28
    {
29
        [$user, $server] = $this->generateTestAccount($permissions);
30

31
        /** @var Schedule $schedule */
32
        $schedule = Schedule::factory()->create(['server_id' => $server->id]);
33
        /** @var Task $task */
34
        $task = Task::factory()->create(['schedule_id' => $schedule->id, 'sequence_id' => 1, 'time_offset' => 0]);
35

36
        $response = $this->actingAs($user)
37
            ->getJson(
38
                $individual
39
                    ? "/api/client/servers/$server->uuid/schedules/$schedule->id"
40
                    : "/api/client/servers/$server->uuid/schedules"
41
            )
42
            ->assertOk();
43

44
        $prefix = $individual ? '' : 'data.0.';
45
        if (!$individual) {
46
            $response->assertJsonCount(1, 'data');
47
        }
48

49
        $response->assertJsonCount(1, $prefix . 'attributes.relationships.tasks.data');
50

51
        $response->assertJsonPath($prefix . 'object', Schedule::RESOURCE_NAME);
52
        $response->assertJsonPath($prefix . 'attributes.relationships.tasks.data.0.object', Task::RESOURCE_NAME);
53

54
        $this->assertJsonTransformedWith($response->json($prefix . 'attributes'), $schedule);
55
        $this->assertJsonTransformedWith($response->json($prefix . 'attributes.relationships.tasks.data.0.attributes'), $task);
56
    }
57

58
    /**
59
     * Test that a schedule belonging to another server cannot be viewed.
60
     */
61
    public function testScheduleBelongingToAnotherServerCannotBeViewed()
62
    {
63
        [$user, $server] = $this->generateTestAccount();
64
        $server2 = $this->createServerModel(['owner_id' => $user->id]);
65

66
        $schedule = Schedule::factory()->create(['server_id' => $server2->id]);
67

68
        $this->actingAs($user)
69
            ->getJson("/api/client/servers/$server->uuid/schedules/$schedule->id")
70
            ->assertNotFound();
71
    }
72

73
    /**
74
     * Test that a subuser without the required permissions is unable to access the schedules endpoint.
75
     */
76
    public function testUserWithoutPermissionCannotViewSchedules()
77
    {
78
        [$user, $server] = $this->generateTestAccount([Permission::ACTION_WEBSOCKET_CONNECT]);
79

80
        $this->actingAs($user)
81
            ->getJson("/api/client/servers/$server->uuid/schedules")
82
            ->assertForbidden();
83

84
        $schedule = Schedule::factory()->create(['server_id' => $server->id]);
85

86
        $this->actingAs($user)
87
            ->getJson("/api/client/servers/$server->uuid/schedules/$schedule->id")
88
            ->assertForbidden();
89
    }
90

91
    public static function permissionsDataProvider(): array
92
    {
93
        return [
94
            [[], false],
95
            [[], true],
96
            [[Permission::ACTION_SCHEDULE_READ], false],
97
            [[Permission::ACTION_SCHEDULE_READ], true],
98
        ];
99
    }
100
}
101

102
Product

Resources

Company
